The authorize filter allows you to specified group of users that can access a

Question

0

Asked: May 12, 20262026-05-12T11:28:57+00:00 2026-05-12T11:28:57+00:00

The authorize filter allows you to specified group of users that can access a

0

The authorize filter allows you to specified group of users that can access a controller or action:

[Authorize(Roles="Administrator")]
public class HomeController : Controller
{
    // code
}

I would like to know if it is possible to, instead, specify a group of users that cannot access a controller or action.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-12T11:28:57+00:00

I tried creating my own AuthorizationAttribute after twk’s suggestion:

public class Restrict : AuthorizeAttribute
{
    private readonly string _role;

    public Restrict(string role)
    {
        _role = role;
    }

    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        if (httpContext == null)
            throw new ArgumentNullException("httpContext");

        if (httpContext.User.IsInRole(_role))
            return false;

        return true;
    }
}

And I use it like this:

[Restrict("Administrator")]
public class HomeController : Controller
{
    // code
}

I’m unsure whether it is correct practice but it does the job.

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

The authorize filter allows you to specified group of users that can access a

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply